8853 add key display

netbox/templates/generic/object_edit.html

@@ -109,9 +109,11 @@ Context:
               <button type="submit" name="_create" class="btn btn-primary">
                 Create
               </button>
+              {% if not disable_addanother %}
               <button type="submit" name="_addanother" class="btn btn-outline-primary">
                 Create & Add Another
               </button>
+              {% endif %}
             {% endif %}
             <a class="btn btn-outline-danger" href="{{ return_url }}">Cancel</a>
           {% endblock buttons %}

netbox/templates/users/api_token.html

@@ -0,0 +1,35 @@
+{% extends 'generic/object.html' %}
+{% load helpers %}
+{% load plugins %}
+
+{% block content %}
+  <div class="row">
+    <div class="col col-md-12">
+      <div class="card">
+        <h5 class="card-header">Token Created</h5>
+        <div class="card-body">
+          <p>The token has been created, you will need to copy the key as it will no longer be displayed for security purposes.</p>
+          <table class="table table-hover attr-table">
+            <tr>
+              <td>Key</td>
+              <td>{{ object.key }}</td>
+            </tr>
+          </table>
+    <form method="post">
+      {% csrf_token %}
+      <div class="row my-3">
+        <div class="col col-md-12 text-center">
+          <button type="submit" name="_addanother" class="btn btn-outline-primary">
+            Add Another
+          </button>
+          <a href="{{ return_url }}" class="btn btn-outline-danger">Cancel</a>
+        </div>
+      </div>
+    </form>
+
+        </div>
+      </div>
+      {% plugin_left_page object %}
+    </div>
+  </div>
+{% endblock %}

netbox/users/urls.py

@@ -10,6 +10,7 @@ urlpatterns = [
     path('password/', views.ChangePasswordView.as_view(), name='change_password'),
     path('api-tokens/', views.TokenListView.as_view(), name='token_list'),
     path('api-tokens/add/', views.TokenEditView.as_view(), name='token_add'),
+    path('api-tokens/<int:pk>/', views.TokenKeyView.as_view(), name='token_key'),
     path('api-tokens/<int:pk>/edit/', views.TokenEditView.as_view(), name='token_edit'),
     path('api-tokens/<int:pk>/delete/', views.TokenDeleteView.as_view(), name='token_delete'),
 

netbox/users/views.py

@@ -261,6 +261,7 @@ class TokenEditView(LoginRequiredMixin, View):
             'object': token,
             'form': form,
             'return_url': reverse('users:token_list'),
+            'disable_addanother': not settings.ALLOW_TOKEN_RETRIEVAL
         })
 
     def post(self, request, pk=None):
@@ -280,7 +281,9 @@ class TokenEditView(LoginRequiredMixin, View):
             msg = f"Modified token {token}" if pk else f"Created token {token}"
             messages.success(request, msg)
 
-            if '_addanother' in request.POST:
+            if not pk and not settings.ALLOW_TOKEN_RETRIEVAL:
+                return redirect('users:token_key', pk=token.pk)
+            elif '_addanother' in request.POST:
                 return redirect(request.path)
             else:
                 return redirect('users:token_list')
@@ -289,6 +292,7 @@ class TokenEditView(LoginRequiredMixin, View):
             'object': token,
             'form': form,
             'return_url': reverse('users:token_list'),
+            'disable_addanother': not settings.ALLOW_TOKEN_RETRIEVAL
         })
 
 
@@ -322,3 +326,23 @@ class TokenDeleteView(LoginRequiredMixin, View):
             'form': form,
             'return_url': reverse('users:token_list'),
         })
+
+
+class TokenKeyView(LoginRequiredMixin, View):
+
+    def get(self, request, pk):
+        token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
+
+        return render(request, 'users/api_token.html', {
+            'object': token,
+            'key': token.key,
+            'return_url': reverse('users:token_list'),
+        })
+
+    def post(self, request, pk):
+        token = get_object_or_404(Token.objects.filter(user=request.user), pk=pk)
+
+        if '_addanother' in request.POST:
+            return redirect('users:token_add')
+        else:
+            return redirect('users:token_list')